News from ISAC By Noel Laam

Information Services Advisory Committee (ISAC) is a committee that advises the Senate on matters concerning the policy and development of the Information Services Group. The following are a list of issues reviewed and reported in the ISAC.

Outsourcing of Dial-up Facility

To meet the rapidly growing demand for dial-up facility, a modem pool of a total of 800 dial-up lines including 96 for staff, 100 for express lines and 604 for students was recommended. The ISAC decided that priority should be given to improving on-campus Internet access rather than off-campus, and agreed to outsource the entire modem pool to a carrier provider and increase the total number of dial-up lines as recommended.

Network Connection for RAs and Students in Dormitory

A network connection charge is levied for each computer connected to the campus network. During CSC's annual visit to departments, some departments raised concern on how to establish the budget to pay for the network connection charges of the increasing research machines, the amount of which was not catered for in their original research budget proposals. Furthermore, as the existing student hostels (as well as future ones) and staff quarters in To Yuen Street have all direct connections to the campus network, the responsibility for payment of the network connection charges of student hostels and staff quarters would have to be decided. The ISAC resolved that the University should cover the network connection charges in the student hostels and staff quarters, while individual research projects should pay the network connection charge as a matter of policy. It was also resolved that staff members should be advised to make provision for the network connection charge in their research budget proposals, and the CSC should implement the policy for new research projects and stop the connection if necessary. Otherwise, it would be unfair to those who pay.

Network Connection/Service for External Users

Some departments have already installed, or are considering to install, external communication link while some have allocated computer accounts on departmental machines in order to allow external parties convenient and direct access to certain departmental services and/or facilities. Though departments may find such external access desirable, it inevitably gives rise to issues such as security risk, additional network bandwidth for the Internet, heavier backbone and departmental traffic and extra effort for network management. It was resolved in the ISAC that the following guidelines be observed by departments for offering remote access services to external parties:

i) To register with CSC well in advance on all external access to departmental services/facilities that are not physically disjointed from the campus network. This information is useful for capacity planning; troubleshooting; and auditing of network security, performance, and access related problems.

ii) To inform external users on policies relating to password protection, virus protection, software licensing, security, acceptable use policies of the central and departmental network currently in effect, data privacy, etc. in order to minimise potential threats to our network users.

iii) To ensure that proper system/network security measures are timely implemented and central and departmental policies are enforced by departmental system/network administrators at all times so that departmental services or facilities will not be used as a stepping stone to attack other machines on and off the campus network.

Phasing out of Outdated Facilities

It was reported that the following applications and systems have already been phased out due to obsolescence or y2k compliance.

SPSS 4.1 and Lisrel 7 for Open VMS
Oracle 7.1.4 on UNIX servers
DOS/Windows 3.11
SunOS service
Pathworks Mail and DECNET

Report on Wireless LAN Pilot Scheme

The Wireless LAN (WLAN) pilot scheme was carried out during Semester B 1998/99 (mainly from March to May) to test the effectiveness of the set up and to look into various issues related to the use of this new technology in teaching and learning environment. Altogether 21 lecturers from 13 departments/divisions and 3 tutorial workshops from 3 different departments were participating in this scheme using 22 classrooms. Loan pools of notebook computers and WLAN antennas were set up to facilitate the implementation.

The WLAN pilot scheme was a success and well received by staff and students. Most of them found the WLAN reliable, convenient, flexible and fast.

Report on Hacking of Computers

About a dozen complaints relating to computer hacking were received around mid 1999, half of them complaining our users trying to hack some remote sites, and the other half about remote sites trying to hack our machines. From the network monitoring log, the number of hacking attempts far exceeded what had been actually reported. Most of the alleged hackers were using software like NetBus or Black Orifice to gain access to and subsequently cause damage to the target machines. Since the culprits could either fake the IP addresses or assume victims' identities, it was therefore difficult to determine who the victims and culprits were.

Counter measures such as employing software to block and report these illegal break-in attempts, or configuring routers to filter out traffic from specific IP ports which the servers of NetBus etc. listened on were taken. Security alerts were also issued from time to time to remind users to install all necessary security patches, to properly protect their passwords, and to contact the CSC for help if necessary.

Report on Screening of Internet Access

It was noted that some undesirable content (eg. sex, obscene materials, violence, etc.) on the Internet delivered in the form of Web pages, newsgroup messages etc. were easily accessed by students. Since the reading of such contents in public area would cause inconvenience and embarrassement to other students, and would certainly damage the image of the University, it was decided that all those computers that could be reached in public areas, such as the Express Terminals and those in the CSC Student Terminal Area, would be barred from accessing such contents.